If you are interested in using cloud or hosted IT services (or are already using one of these services) it is important that you are clear of the implications with regard to data protection and information security.
This toolkit provides guidance to assist members of the University when assessing the suitability of the service for processing and storing data controlled by the University. The guidance is intended to be applicable to the University, its constituent units, and its members (whether staff or student).
The toolkit was developed by a working group convened by IT Services and including representation from Legal Services, Information Security, OUP and Purchasing.
These pages provide guidance on the selection and use of cloud computing services, including good practice and links to other policies and information.
Materials prepared by Legal Services covering data protection law with respect to cloud services providers, a data processing clause, and a handy flowchart.
Guidance prepared by the Information Security team relating to cloud services. It includes an information security flowchart, a cloud security checklist and a third party security assessment template.